VPN on SBS 2003. L2TP not working. PPTP does, but Network Places is empty.

  • VPN on SBS 2003. L2TP not working. PPTP does, but Network Places is empty.

    I want to enable VPN access for our mobile users, so they can access local shares and resources while on the road.
    For that, I've followed the steps in the Small Business Server admin guide, but I still have some problems. The configuration is as follows:

    Server is Windows Small Business Server 2003. This is the Domain Controller, DHCP server, DNS server and Certificate Authority.
    Server name is Serverhp, domain is EKAYMM.

    1. The connection doesn't take place. I get a timeout.
    2. Don't know how to configure VPN in OSX (10.6). I've already installed the User certificate, but don't know how to request a computer certificate.

    I have completed these steps:

    Installed and configured IAS. Disabled MS-CHAP and enabled Strongest Encryption (128 bit)
    Installed and configured Certificate Services. Enterprise root CA (EK roboter Certificate Authority)
    Created a Local Computer and Current User Certificate Console (using the Certificates Snap-Ins)
    Requested a Certificate for the Windows Small Business Server computer. Certificate Type: Domain Controller
    Configured the Remote Access Policy to use EAP authentication.
    Open ports TCP 1723 (PPTP), UDP 500 (IPSec) and UDP 1701 (L2TP), forwarding them to the server's IP.

    On the client side, I used the Certificate Console to request User and Computer certificates, which both install correctly.
    The VPN connection is configured as follows:

    Here are some other screenshots from the server configuration, which might be useful:

    OS X VPN configuration:

    I was able to connect via PPTP from home without problems. I'll give L2TP a second try today and see what happens. I used PPTP with EAP, User Certificates and 128-encryption. Mac and Windows PCs both connected to the network ok.

    However, in the Windows PC Network Places is empty. Shouldn't it be populated by the servers and PCs in the LAN as if I'd be locally in the network? I don't see any computers in Network Places, but if I do a \\computername\share I can open it without problems.

    I get an IP from the server, DNS is running... but I only see myself. Any ideas?

    UPDATE: L2TP works from inside the LAN, so I think it's a firewall issue. Are there any ports besides those I already forwarded that need to be enabled?
    Last edited by ekG; 9th February 2010, 15:15.